Marriott International announced details of a
cyberattack which compromised the data of
millions of customers in its Starwood guest
The company said an investigation had determined
there was unauthorised access to the database,
which contained guest information relating to
reservations at Starwood properties on or before
September 10, 2018.
Up to 500 million customers could have been
affected – with the possibility that payment card
information was also exposed – and there had
been unauthorised access to the Starwood
network since 2014.
Two Iranian men were charged for
the alleged deployment of malicious
software known as SamSam which
infected more than 200 victims –
mainly in the US and Canada.
The pair are charged with one
count of conspiracy to commit wire
fraud, one count of conspiracy to
commit fraud and related activity
in connection with computers, two
substantive counts of intentional
damage to a protected computer
and two substantive counts of
transmitting a demand in relation to
damaging a protected computer.
In a statement, the company said: “Marriott deeply
regrets this incident happened. From the start, we
moved quickly to contain the incident and conduct
a thorough investigation with the assistance of
leading security experts.”